mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-30 15:32:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
31,649 Commits 170 Branches 263 Tags
Commit Graph

2746 Commits

Author SHA1 Message Date
Gilles Peskine
f5dd00288e Fix MSVC build failure 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Gilles Peskine
0bdb6dc079 Fix memory poisoning with Asan on arbitrary byte boundaries 
Asan poisons memory with an 8-byte granularity. We want to make sure that
the whole specified region is poisoned (our typical use case is a
heap-allocated object, and we want to poison the whole object, and we don't
care about the bytes after the end of the object and up to the beginning of
the next object). So align the start and end of the region to (un)poison to
an 8-byte boundary.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Gilles Peskine
d29cce91d0 Add memory poisoning framework 
While an area of memory is poisoned, reading or writing from it triggers a
sanitizer violation.

Implemented for ASan.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-29 19:22:03 +01:00
Janos Follath
c6f1637f8c
Merge pull request #8534 from paul-elliott-arm/fix_mutex_abstraction 
Make mutex abstraction and tests thread safe
 2023-11-29 13:26:23 +00:00
Tom Cosgrove
12d8b8eaba
Merge pull request #8539 from tom-daubney-arm/add_test_script_psa_hash 
Add Demo Script for PSA Hash Program
 2023-11-27 12:13:18 +00:00
Paul Elliott
f25d831123 Ensure mutex test mutex gets free'd 
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
 2023-11-23 18:49:43 +00:00
Dave Rodgman
8cd4bc4ac2
Merge pull request #8124 from yanrayw/support_cipher_encrypt_only 
Support the negative option MBEDTLS_BLOCK_CIPHER_NO_DECRYPT
 2023-11-23 17:43:00 +00:00
Paul Elliott
2e3f6902ed
Merge pull request #8549 from gilles-peskine-arm/metatest-gcc-12 
Fix metatest.c with gcc-12 -Wuse-after-free
 2023-11-23 11:09:41 +00:00
Yanray Wang
690ee81533 Merge remote-tracking branch 'origin/development' into support_cipher_encrypt_only 2023-11-23 10:31:26 +08:00
Gilles Peskine
7a715c4537 Fix the build with gcc-12 -Wuse-after-free 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-21 13:42:40 +01:00
Jerry Yu
713ce1f889 various improvement 
- improve change log entry
- improve comments
- remove unnecessary statement
- change type of client_age

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:59:25 +08:00
Jerry Yu
cf9135100e fix various issues 
- fix CI failure due to wrong usage of ticket_lifetime
- Improve document and comments

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
25ba4d40ef rename ticket_creation to ticket_creation_time 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:19 +08:00
Jerry Yu
3ff0b1fda3 Cleanup ticket negative tests. 
- improve comments
- case 3/4 is for server age check.
- case 5/6 is for client age check

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu
ec6d07870d Replace start with ticket_creation 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu
f16efbc78d fix various issues 
- Add comments for ticket test hooks
- improve code style.

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Jerry Yu
cebffc3446 change time unit of ticket to milliseconds 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
 2023-11-21 09:58:18 +08:00
Gilles Peskine
6267dd59c8
Merge pull request #8463 from gilles-peskine-arm/metatest-create 
Create a metatest program
 2023-11-20 14:07:08 +00:00
Thomas Daubney
dd2a09a22b Introduce demo script for PSA hash program 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
 2023-11-16 18:45:55 +00:00
Matthias Schulz
70595f7983 Explicitly indicating when private fields are accessed in benchmark.c. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-16 17:43:58 +01:00
Matthias Schulz
3b9240bbd0 Alternative Timing compatible benchmark.c 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-16 17:39:43 +01:00
Matthias Schulz
aa7dffa24a Add benchmark for RSA 3072. 
Signed-off-by: Matthias Schulz <mschulz@hilscher.com>
 2023-11-16 15:31:32 +01:00
Gilles Peskine
2f40cc05f0 Improve explanations of what bad thing a metatest does 
Especially clarify the situation with respect to mutex usage.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-16 15:13:38 +01:00
Gilles Peskine
ad2a17eb60 Uniformly use MBEDTLS_THREADING_C guards 
Since the code compiles with MBEDTLS_THREADING_C, not just with
MBEDTLS_THREADING_PTHREAD, use MBEDTLS_THREADING_C as the guard. The runtime
behavior is only as desired under certain conditions that imply
MBEDTLS_THREADING_PTHREAD, but that's fine: no metatest is expected to pass
in all scenarios, only under specific build- and run-time conditions.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-16 15:09:48 +01:00
Manuel Pégourié-Gonnard
752dd39a69
Merge pull request #8508 from valeriosetti/issue6323 
[G3] Driver-only cipher+aead: TLS: ssl-opt.sh
 2023-11-14 11:39:06 +00:00
Gilles Peskine
cce0012463 Add documentation 
Explain the goals of metatests, how to write them, and how to read their
output.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-10 15:36:15 +01:00
Gilles Peskine
ccb121500d Uninitialized read: make the pointer non-volatile rather than the buffer 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-10 11:35:36 +01:00
Gilles Peskine
da6e7a2ac2 More consistent usage of volatile 
Fix MSVC warning C4090.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-10 10:09:27 +01:00
Valerio Setti
38e75fb1a7 ssl_server2: remove usage of mbedtls_cipher_info_from_string() 
This removes the dependency from cipher module and legacy key/modes
symbols which are used in cipher_wrap.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-10 08:27:39 +01:00
Gilles Peskine
d2fa698155 Strengthen against possible compiler optimizations 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-09 21:46:24 +01:00
Yanray Wang
0751761b49 max_early_data_size: rename configuration function 
Rename mbedtls_ssl_tls13_conf_max_early_data_size as
mbedtls_ssl_conf_max_early_data_size since in the future
this may not be specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:34 +08:00
Yanray Wang
d5ed36ff24 early data: rename configuration function 
Rename mbedtls_ssl_tls13_conf_early_data as
mbedtls_ssl_conf_early_data since in the future this may not be
specific to TLS 1.3.

Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-07 11:49:24 +08:00
Gilles Peskine
a1023e2bd6 programs/test/metatest indirectly includes library/common.h 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
4bc873f0a1 Add missing program to .gitignore 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
102aea2ba8 Add metatests for mutex usage 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
f0d5cf9a0c Don't use %llx in printf 
We still do MinGW builds on our CI whose printf doesn't support it!

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
a1dfa14c06 Fix cast from pointer to integer of different size 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
ee8109541a Don't cast a function pointer to a data pointer 
That's nonstandard. Instead, convert to an integer.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
6aa9f32124 Use casts when doing nonstandard pointer conversions 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
69e8db0366 Strengthen against Clang optimizations 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
b0f0a64de0 Metatests for basic Asan and Msan features 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:19 +01:00
Gilles Peskine
80ba832be6 Metatests for null pointer dereference 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:09 +01:00
Gilles Peskine
f309fbf0d5 Validate that test_fail causes a test failure 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:09 +01:00
Gilles Peskine
33406b645d Add a metatest program 
This program can be used to validate that things that should be detected as
test failures are indeed caught, either by setting the test result to
MBEDTLS_TEST_RESULT_FAILED or by aborting the program.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
 2023-11-06 20:33:09 +01:00
Yanray Wang
f24bbd987a dh_client.c: modify prompt message 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-11-06 10:02:10 +08:00
Gilles Peskine
8b6b41f6cd
Merge pull request #8434 from valeriosetti/issue8407 
[G2] Make TLS work without Cipher
 2023-11-04 15:05:00 +00:00
Dave Rodgman
f8be5f6ade Fix overlooked files 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 20:43:00 +00:00
Dave Rodgman
16799db69a update headers 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
 2023-11-02 19:47:20 +00:00
Valerio Setti
74d48c89fa ssl_server2: small improvement of code readability 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
 2023-11-02 16:43:55 +01:00
Yanray Wang
b67b47425e Rename MBEDTLS_CIPHER_ENCRYPT_ONLY as MBEDTLS_BLOCK_CIPHER_NO_DECRYPT 
Signed-off-by: Yanray Wang <yanray.wang@arm.com>
 2023-10-31 17:22:06 +08:00